Google is about to push two-factor authentication further. The company is now prompting users to enroll in two-step verification, and soon will be automatically enrolling users.
This is known to work. According to Microsoft, 99.9% of the compromised accounts it tracks every month did not use multi-factor authentication. Only 11% of all enterprise accounts use a MFA solution overall.
Why do we care?
So, we have a solution to compromised accounts but it’s not being used. That’s essentially the story. How much longer until it’s required everywhere – like it should be?
That 99.9% stat alone should be reason to have every customer you service enforce 2FA. If it were me, I wouldn’t be servicing any customer who didn’t allow me to enforce it.